8000 feat: Improve passkey registration to prevent duplicate entries by kelvin-chappell · Pull Request #582 · guardian/janus-app · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

feat: Improve passkey registration to prevent duplicate entries #582

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
May 22, 2025
Merged

feat: Improve passkey registration to prevent duplicate entries #582

merged 4 commits into from
May 22, 2025

Conversation

kelvin-chappell
Copy link
Member

What is the purpose of this change?

We now send an excludeCredentials attribute in our pre-registration options call, which contains details of the user's existing passkeys. If they try to register a passkey of the same type twice they will get an InvalidStateError, which we trap with a warning toast.

What is the value of this change and how do we measure success?

This will ensure that we don't end up with redundant and useless passkeys in the Janus database. If a passkey of the same type is registered twice, the first one will be overwritten on the authenticator and therefore its record in the Janus database will be useless. By intercepting the registration on the browser we avoid a new passkey of the same type being generated at all.

@kelvin-chappell kelvin-chappell requested a review from a team May 21, 2025 11:29
@kelvin-chappell
Merge branch 'main' into kc/no-dups
5787cbd 
# Conflicts:
#	app/models/Passkey.scala
tjsilver
tjsilver reviewed May 22, 2025
View reviewed changes
Copy link
Contributor
@tjsilver tjsilver left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tested this locally and noticed that the warning message was only displayed in Chrome, and in Firefox the 'failed to register' error message was displayed instead. Is this expected?

@kelvin-chappell
Copy link
Member Author

I tested this locally and noticed that the warning message was only displayed in Chrome, and in Firefox the 'failed to register' error message was displayed instead. Is this expected?

No, this is my limited testing. Thanks for pointing it out! I'll investigate.

@kelvin-chappell kelvin-chappell marked this pull request as draft May 22, 2025 09:28
@kelvin-chappell kelvin-chappell marked this pull request as ready for review May 22, 2025 11:20
tjsilver
tjsilver reviewed May 22, 2025
View reviewed changes
tjsilver
tjsilver approved these changes May 22, 2025
View reviewed changes
Copy link
Contributor
@tjsilver tjsilver left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Apart from a nit about the message length, this looks good!

@kelvin-chappell @tjsilver
Update frontend/passkeys.js
12167c7 
Co-authored-by: TJ Silver <15648334+tjsilver@users.noreply.github.com>
@kelvin-chappell kelvin-chappell merged commit 0400d9e into main May 22, 2025
6 checks passed
@kelvin-chappell kelvin-chappell deleted the kc/no-dups branch May 22, 2025 12:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tjsilver tjsilver tjsilver approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@kelvin-chappell @tjsilver
0